Provided by: flatpak_1.4.2-2_amd64
flatpak-build-sign - Sign an application or runtime
flatpak build-sign [OPTION...] LOCATION ID [BRANCH]
Signs the commit for a specified application or runtime in a local repository. LOCATION is the location of the repository. ID is the name of the application, or runtime if --runtime is specified. If BRANCH is not specified, it is assumed to be "master". Applications can also be signed during build-export, but it is sometimes useful to add additional signatures later.
The following options are understood: -h, --help Show help options and exit. --gpg-sign=KEYID Sign the commit with this GPG key. This option can be used multiple times. --gpg-homedir=PATH GPG Homedir to use when looking for keyrings --runtime Sign a runtime instead of an app. --arch=ARCH The architecture to use. -v, --verbose Print debug information during command processing. --ostree-verbose Print OSTree debug information during command processing.
$ flatpak build-sign --gpg-sign=D8BA6573DDD2418027736F1BC33B315E53C1E9D6 /some/repo org.my.App
ostree(1), flatpak(1), flatpak-build-export(1), flatpak-build(1),